Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 4bc1c244 authored by akirilov's avatar akirilov Committed by Atanas Kirilov
Browse files

RESTRICT AUTOMERGE: Backporting of b/77821568

Enforce permission check before returning application info
Test: manually tested (see bug for repro steps)
Bug: 77821568

Change-Id: I5d81345b2d958c2bb0a62bbcb8bd8c714a1cf41e
parent df97989c
Loading
Loading
Loading
Loading
+22 −2
Original line number Diff line number Diff line
@@ -3892,13 +3892,25 @@ public class PackageManagerService extends IPackageManager.Stub {
     */
    void enforceCrossUserPermission(int callingUid, int userId, boolean requireFullPermission,
            boolean checkShell, String message) {
        enforceCrossUserPermission(
              callingUid,
              userId,
              requireFullPermission,
              checkShell,
              false,
              message);
    }
    private void enforceCrossUserPermission(int callingUid, int userId,
            boolean requireFullPermission, boolean checkShell,
            boolean requirePermissionWhenSameUser, String message) {
        if (userId < 0) {
            throw new IllegalArgumentException("Invalid userId " + userId);
        }
        if (checkShell) {
            enforceShellRestriction(UserManager.DISALLOW_DEBUGGING_FEATURES, callingUid, userId);
        }
        if (userId == UserHandle.getUserId(callingUid)) return;
        if (!requirePermissionWhenSameUser && userId == UserHandle.getUserId(callingUid)) return;
        if (callingUid != Process.SYSTEM_UID && callingUid != 0) {
            if (requireFullPermission) {
                mContext.enforceCallingOrSelfPermission(
@@ -6292,7 +6304,7 @@ public class PackageManagerService extends IPackageManager.Stub {
        flags = updateFlagsForPackage(flags, userId, null);
        final boolean listUninstalled = (flags & MATCH_UNINSTALLED_PACKAGES) != 0;
        enforceCrossUserPermission(Binder.getCallingUid(), userId,
                true /* requireFullPermission */, false /* checkShell */,
                false /* requireFullPermission */, false /* checkShell */,
                "get installed packages");
        // writer
@@ -6400,10 +6412,18 @@ public class PackageManagerService extends IPackageManager.Stub {
    @Override
    public ParceledListSlice<ApplicationInfo> getInstalledApplications(int flags, int userId) {
        final int callingUid = Binder.getCallingUid();
        if (!sUserManager.exists(userId)) return ParceledListSlice.emptyList();
        flags = updateFlagsForApplication(flags, userId, null);
        final boolean listUninstalled = (flags & MATCH_UNINSTALLED_PACKAGES) != 0;
        enforceCrossUserPermission(
            callingUid,
            userId,
            false /* requireFullPermission */,
            false /* checkShell */,
            "get installed application info");
        // writer
        synchronized (mPackages) {
            ArrayList<ApplicationInfo> list;